The Joint Committee on the National Security Strategy (JCNSS) is
to launch an inquiry into cyber security with a focus on the UK’s
critical infrastructure.
In January 2017, the previous Committee launched an inquiry
entitled ‘Cyber Security: UK National Security in a Digital
World’, focussing on the 2016 National Cyber Security Strategy
(NCSS). The inquiry was halted by the 2017 general
election.
Since Dissolution, there have been numerous cyber attacks of
significance to the UK, especially to its Critical National
Infrastructure:
-
· WannaCry,
most notably affecting the NHS;
- · The
attack on the UK Parliament;
- · The
attack on the Scottish Parliament.
The first Annual Report for the National Cyber Security Centre
(NCSC), published in October 2017, revealed it had received more
than 1100 cyber incident reports in the previous year, of which
590 were classed as significant. More than 30 of these were
assessed as being sufficiently serious to require a
cross-government response process, co-ordinated by the
NCSC.  
Chair of the Joint Committee, MP, commented:
“These incidents have highlighted the need for improved cyber
security and the challenges involved in achieving this objective.
The attacks have also raised awareness among the media and wider
population, making it an opportune moment for an inquiry to have
a lasting impact.
“Our critical national infrastructure must be prepared for
these attacks, which are becoming more frequent in nature. The
threat to the UK is real. We must be ready – the question is
how.”
The Committee will draw from the work by the previous inquiry but
wishes to call for evidence on the following terms of
reference:
- · The
types and sources of cyber threats to Critical National
Infrastructure (CNI) in the UK;  
- · The
extent to which the Government’s definition of 'critical
national infrastructure' is still valid in an interconnected
economy;  
-
· Learning
points drawn from the 2011 Cyber Security Strategy and the
fitness for purpose of the 2016 Cyber Security Strategy in
relation to CNI;   
- · The
effectiveness of the strategic lead provided by the
National
Security Council, Government Departments and agencies, and
the National Cyber Security Centre, and the
coherence of cross-government activity;   
- · The
effectiveness of the Government's relationships with,
respectively, private-sector operators and regulators in
protecting CNI from cyber attack;   
- · The
balance of responsibilities between the Government and
private-sector operators in
protecting CNI against cyber attack;   
-
· The consistency
of approach in the UK to legislation, regulation and
standards governing each CNI sector and cyber
security;  
- · The
availability of skills and expertise to the relevant Government
Departments and agencies, to regulators and to private-sector
operators of CN;  
- · The
extent to which the UK’s approach to the cyber security
of CNI draws on or represents international best
practice.  
Written evidence can be submitted using the Committee’s web
portal. The deadline is Wednesday
17th January 2018.
The Joint Committee, established to consider the National
Security Strategy, was reappointed by the Commons in October 2017
and by the Lords in November 2017. Its role includes scrutiny of
the structures for Government decision-making as well as
cross-government expenditure and policy related to the national
security strategy.
Further information:
Committee membership: (Chair) (Labour);
(Labour); (Liberal
Democrat); (Labour); (Conservative); Mr (Conservative);
(Conservative);
(Labour);
(Labour); (Labour); (Labour);
(Conservative); of Soho (Crossbench);
(Conservative); (Scottish National
Party); (Conservative); (Crossbench);
(Labour); (Conservative); (Conservative); (Labour) (Co-op);
(Conservative). 
